*a '''fresh''' FreeLink/Debian installation available [http://linkstationwiki.net/index.php?title=Category:FreeLink here] - note that any previously existing configuration files in /home, /root, /var, /etc, and other locations may cause problems with an installation. Squid, in particular, is very picky about these things. It is recommended that you first install eBox, and then add other servers after you have it installed and customized for your network.

+

*A '''fresh''' FreeLink/Debian installation available [http://linkstationwiki.net/index.php?title=Category:FreeLink here] - note that any previously existing configuration files in /home, /root, /var, /etc, and other locations may cause problems with an installation. Squid, in particular, is very picky about these things. It is recommended that you first install eBox, and then add other servers after you have it installed and customized for your network.

−

*hard drive space on hda1 - eBox needs

+

*Hard drive space on hda1 - eBox needs

−

**lots of space for the software and packages, and

+

**lots of space for the software and packages, so

−

**to build samba shares in /home, so do something like this:

+

**'''either use a custom partition with all the space you need, or create symlinks''' as shown here - [[Freeing_up_space_on_hda1| Freeing Up Space On hda1]]

+

**in particular, eBox will build its Samba shares in /home, so do something like this:

mv /home /mnt/

mv /home /mnt/

cd /

cd /

ln -s /mnt/home home

ln -s /mnt/home home

−

**'''either use a custom partition with all the space you need, or create symlinks''' as shown here - [[Freeing_up_space_on_hda1| Freeing Up Space On hda1]]

+

*A realization that eBox may move your box towards being a bit of a "dedicated box" with a strong firewall

−

*a realization that eBox may move your box towards being a bit of a "dedicated box" with a strong firewall

+

*Read over this excellent (yet slightly outdated - version 0.7.1) [http://www.howtoforge.com/debian_ebox installation guide for eBox] - it shows many of the key points - a few of the configuration options mentioned have changed

−

*read over this excellent (yet slightly outdated - version 0.7.1) [http://www.howtoforge.com/debian_ebox installation guide for eBox] - it shows many of the key points - a few of the configuration options mentioned have changed

+

*Read over the [http://ebox-platform.com/installation-guide installation guide for desktop computers] - see the '''Debian Packages''' section

−

*read over the [http://ebox-platform.com/installation-guide installation guide for desktop computers] - see the '''Debian Packages''' section

+

*'''Time''' = 40 minutes to an hour or more, depending on your internet connection (about 100MB has to be downloaded)

−

*'''time''' = 40 minutes to an hour or more, depending on your internet connection (about 100MB has to be downloaded)

What is eBox?

Developed as a flexible server/NAS solution for small business and small offices, eBox Platform is a management tool that supplies the following services:

NAS

Samba Filesharing and Printer Sharing

Firewall

Transparent proxy via Squid

Content filter

NTP Server

Users and groups administration

Mail server

Backup of data and/or system

How does it compare to Webmin (on Debian/FreeLink) and the stock Buffalo Web Interface(on the stock firmware) ?

eBox is not a full-fledged replacement for Webmin, but it does handle some things very well. It may be a better alternative for Debian/FreeLink users who found Webmin either too slow or too complex for their liking. In short, it can do nearly everything the stock Buffalo webinterface can do, and as more modules are written by developers and contributors, it may broaden its scope and capability.
In particular it:

has enough features to make it work well as a Network Attached Storage (NAS) device

has a lot of features that make it a good choice as a gateway

has better printer support (greater variety of printers supported) than the stockware

can be locked down tighter than the stockware

has less options than Webmin

seems like it can be locked down tighter/more securely than the stockware

is faster than Webmin, provided that you don't install to much on top of it; is not as fast as the stock web interface

Installation

Prerequisites

A fresh FreeLink/Debian installation available here - note that any previously existing configuration files in /home, /root, /var, /etc, and other locations may cause problems with an installation. Squid, in particular, is very picky about these things. It is recommended that you first install eBox, and then add other servers after you have it installed and customized for your network.

Debian packages/libs ARM9/LS-Pro FreeLink

not yet available

General Installation Steps for all LS's

Below is a very basic script for PPC LS's (LS1 and HG, Kuros). The script works and has been tested several times on an HG running UBoot, but is alpha or pre-alpha in nature. To use it, adjust IP addresses, namerservers, search domain, and whatever else you want. Run it either as a script, or cut and paste commands as you like. Use at your own risk: You can now wget/download the latest version - if you do, please post feedback at the thread listed bottom-of-page. Good luck.

ARM ProLS users will have to build their own packages, and alter the script only slightly - but this script has not been tested on the Pro.

Configuring and Customizing

Package configuration

As the install script runs, or as you go through the steps manually, provide the natural answers. For some of the configuration, you will want to make specific choices:

For all of the questions of the form "After unpacking 299kB of additional disk space will be used.
Do you want to continue? [Y/n]" , answer y.

Allow SSH protocol 2 only? <-------------------- Yes

Do you want /usr/lib/ssh-keysign to be installed SUID root? <-------------------- Yes

Do you want to run the sshd server? <-------------------- Yes

Enter new UNIX password: <-------------------- (your choice)

Your current time zone is set to US/Eastern
Do you want to change that? [n]: <-------------------- (your choice)

The following packages will be REMOVED:
exim4
0 upgraded, 0 newly installed, 1 to remove and 0 not upgraded.
Need to get 0B of archives.
After unpacking 32.8kB disk space will be freed.
Do you want to continue? [Y/n] <-------------------- Y Yes, since exim4 is not compatible w/ eBox's email client

Where should the PostgreSQL database be created?
/var/lib/postgres/data_______________________________
<Ok> <-------------------- <Ok>

Should the data be purged as well as the package files? <-------------------- No

Choose European or US day/month order in dates. (your choice) and <Ok>

DNS domain name: dnmwireless.com (or whatever you set it to in the scripted commands) and <Ok>

Name of your organization: dnmwireless.com (or whatever you set it to in the previous line above) and <Ok>

LDAP Admin password: (your choice)
Allow LDAPv2 protocol? <No>

Apache-Perl needs to be reconfigured. <Ok>

Enable suExec? <No>

Do you want the cdrecord binaries to be installed SUID root?
<Yes, if you want users to be able to backup your data w/ a CD/DVD burner>
<No, otherwise>

Which paper size should be the system default? (your choice: US uses letter, Europe, others use A4)

On what network interfaces should the DHCP server listen? eth0 (Linkstations have only one ethernet port)

Please configure the DHCP server as soon as the installation finishes. <Ok>
The version 3 DHCP server is now non-authoritative by default. <Ok>

You can run dpkg-reconfigure later,... <Ok>

Do you want to entrust font management to defoma? Yes

Workgroup/Domain Name? (your choice, or WORKGROUP)

Use password encryption? yes

Modify smb.conf to use WINS settings from DHCP? No

How do you want to run Samba? daemons

Create samba password database, /var/lib/samba/passdb.tdb? No

LDAP server host address 127.0.0.1

distinguished name of the search base dc=dnmwireless,dc=com (or a choice that agrees with your chosen domain name)

LDAP version to use 3

database requires login no

make configuration readable/writeable by owner only no

nsswitch.conf is not managed automatically... <Ok>

Send daily reminders to users over quota No

Configuration file `/etc/dhcp3/dhclient.conf'
==> File on system created by you or by a script.
==> File also in package provided by package maintainer.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : background this process to examine the situation
The default action is to keep your current version.
*** dhclient.conf (Y/I/N/O/D/Z) [default=N] ? N

Post-install Options

SSH access after installation

During installation you may find that you lose your ssh connection toward the very end. This can be fixed by following these directions How to Enable SSH access. Once you have done this and saved changes, test it by opening a new terminal window and attempt to connect with SSH. Make sure you have connectivity before you reboot in the next step.

Initial Reboot

Before any changes are made to network or further settings, it seems to help to halt and cold boot again. Do this through the web interface. It may take some time (1-2 minutes) for everything to terminate, and another 2-3 minutes for it to boot.

HTTP Proxy settings

If you want to add software via apt-get or wget, your eBox will need http access. To do this, you may have to enable the Transparent Proxy.

Click on HTTP proxy -> General ;

choose

Service Configuration Enabled (Change) ,

Transparent Proxy - Enabled ,

Content threshold - Very Permissive,

Global policy - Allow (Change) and then

Save Changes (upper right hand corner).

Network Settings, DHCP and DNS Problems

In Network, fill in your settings for DNS and Gateways, and Apply & Save Changes on each.

You can check your connection through the Diagnosis page. If you can't ping yahoo.com for instance, go back and check your settings for the previous two pages.

If you are having trouble reaching sites like mirrors.kernel.org or your favorite CPAN mirror, you may want to go to Network->Interfaces and set eth0 to DHCP, change and Save Changes. Do not set eth0 to External. This will kill your connection. If this change doesn't remedy it, check to see that you have enabled the Transparent Proxy.

Firewall

eBox's firewall is very strong and integrated. It uses iptables and can be controlled to a great degree from the web interface. Security comes at a cost, so here is how to get around it to some extent.

Opening up ports for Firefly/mt-daapd

This can be very tricky to do. Firefly requires access to ports 3689 (tcp) and 5353 (udp). Port 5353 is used by mDNS and handles multicasting traffic.
First, check to see that you have Firefly installed properly. If you do, you should be able to do both of these:

open a browser to http://<ebox IP>:3689 and see the standard web page for Firefly

see port 3689 open using a port scanner pointed at your eBox.

You may have use the perl add-service-to-firewall script and then add a Service Allow via the eBox Firewall page.

In addition to that, you can allow multicasting and mDNS services with these commands: